Video Summary
This video introduces the Splunk Security Data Journey, a framework designed to guide organisations through six maturity stages of security operations using Splunk Security Essentials. Starting with Stage 1: Collection, it emphasises the importance of onboarding high-value data sources to build a strong security foundation. From there, Stage 2: Normalisation focuses on unifying data to streamline detections and improve analyst efficiency. As organisations progress to Stage 3: Expansion, additional high-fidelity data sources like Microsoft Sysmon and Carbon Black are integrated, enhancing detection capabilities and strengthening the Security Operations Centre.
The journey continues with Stage 4: Enrichment, which leverages intelligence to provide deeper context for security events, followed by Stage 5: Automation and Orchestration, enabling consistent incident tracking and automated responses. Finally, Stage 6: Advanced Detection incorporates cutting-edge techniques, such as machine learning and advanced analytics, to uncover unknown threats. This stage represents a continuous evolution to counteract emerging risks. By following this maturity model, organisations can develop robust security operations tailored to their unique needs.
Additional Resources
Who are Somerford?
We are a passionate group of people delivering innovation to our customers on their digital transformation journey.
Splunk Edge Hub
Effortlessly streamline the process of integrating your data with the Splunk Edge Hub.
Splunk Security Solutions
Utilise Splunk's suite of security solutions designed to provide unified and robust defence against cyber threats.
Get in Touch to Learn More
With specialist knowledge, skills and experience derived from supporting a broad range of FTSE 100, FTSE 250 and smaller companies, Somerford Associates have a strong reputation for enabling digital transformation at scale, at pace and in budget.